SCADA Threats

In this part of the technical article, I will focus on the various types of threats that must be considered when planning the security management of a SCADA system. The first two were described in the previous part, so the focus here is on physical threats, threats via communication and threats to software management.

3. Physical security

In general, SCADA system equipment should be located inside secured areas having the same degree of security deemed appropriate for the supported systems. However, the electronic nature of these systems provides opportunities for compromise from both inside and outside the secured area that must be addressed.

– 3.a –

HMI devices for controllers that provide access to the entire SCADA system shall use password-protected screen access with multiple levels of access control, and automatic logout routines with short time settings.

Password policies for screen savers shall be in compliance with established DoD policies (CJCSI 6510.01D).

– 3.b –

Equipment enclosures and pull and junction boxes should be kept locked or secured with tamper-resistant hardware. Doors and covers should be provided with tamper switches or other means of detecting attempted intrusion, connected to the site security system.

Tamper detection devices should be designed to detect the initial stages of access such as removal of fasteners, unlatching of doors, etc.

– 3.c –

Raceways and enclosures for SCADA circuits external to the secured area should be designed to resist entry by unauthorized persons. Access to field wiring circuit conductors can potentially provide “back-door” entry to controllers for damaging over-voltages or transients.

5. Software management and documentation

Given the complexity of modern industrial control systems and their exposure to intentional software damage, it is good practice to implement a Software Management and Documentation System (SMDS).

– 5.a –

An SMDS is software that resides on a dedicated computer on the plant network and monitors all activities of the control system. Such a system should be required for the control system in an important and complex military facility.

It allows the facility administrator to do the following:

Control who may use any SCADA application software and what actions can be performed

Maintain a system-wide repository for historical storage of the application configuration files

Identify exactly who has modified a control system configuration or application parameter, what they changed, where they changed it from, and when the change was made

Assure that the control system configuration thought to be running the facility is actually the one that is running

Support application restoration following a catastrophic event

Generate views into the Software Management System for more detailed analysis of configuration changes
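The check behind the repository, change-attribution and "is it actually running" items above can be illustrated with the following Python example, which is added here and is not code from the article or from any vendor's SMDS product. The `Version` record, the `verify` function, the status names and all sample files and users are assumptions made for illustration.

```python
import difflib
import hashlib
from collections import namedtuple

# One stored revision: file text, who committed it, when (ISO 8601).
Version = namedtuple("Version", "content changed_by changed_at")

def sha256(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def verify(repository, running):
    """repository: name -> [Version, ...] oldest first, last one approved.
    running: name -> text read back. Returns name -> (status, detail)."""
    report = {}
    for name in sorted(set(repository) | set(running)):
        history = repository.get(name, [])
        if name not in running:
            report[name] = ("MISSING", "approved file not found on controller")
        elif not history:
            report[name] = ("UNAPPROVED", "no history in the repository")
        elif sha256(running[name]) == sha256(history[-1].content):
            v = history[-1]
            report[name] = ("OK", f"approved by {v.changed_by} at {v.changed_at}")
        else:
            # Matching an older revision means stale software is loaded;
            # matching none means an edit made outside the repository.
            old = [v for v in history[:-1] if sha256(v.content) == sha256(running[name])]
            if old:
                report[name] = ("STALE", f"revision from {old[-1].changed_at}")
            else:
                diff = difflib.unified_diff(history[-1].content.splitlines(),
                                            running[name].splitlines(),
                                            "approved", "running", lineterm="")
                report[name] = ("MODIFIED", "\n".join(diff))
    return report

# Constructed sample data: file names, values and user names are illustrative.
REPOSITORY = {
    "pump_station.cfg": [Version("setpoint=40\nalarm_high=80\n", "alice", "2024-01-10T09:00Z"),
                         Version("setpoint=45\nalarm_high=80\n", "bob", "2024-03-02T14:30Z")],
    "valve_logic.cfg": [Version("mode=auto\ntimeout=5\n", "alice", "2024-02-01T08:00Z")],
}
RUNNING = {
    "pump_station.cfg": "setpoint=40\nalarm_high=80\n",  # older revision still loaded
    "valve_logic.cfg": "mode=auto\ntimeout=60\n",        # edited outside the repository
    "bypass.cfg": "interlock=off\n",                     # never checked in
}
if __name__ == "__main__":
    for name, (status, detail) in verify(REPOSITORY, RUNNING).items():
        print(f"{name}: {status}\n{detail}")
```

A STALE result corresponds to an incorrect software version being loaded, while MODIFIED and UNAPPROVED results are changes that bypassed the repository and therefore have no recorded author.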

– 5.b –

Software Management and Documentation systems are available now from the major suppliers of industrial control systems.

Having such a system provides the following additional benefits:

Avoids maintaining incorrect or incompatible software versions

Assures that there are not multiple versions of software on file

Prevents multiple users from causing a conflict somewhere on the system